Michael Lynn's lawyer blogs on Cisco, ISS case
Jennifer Granick traveled to Las Vegas two weeks ago to give a practical and theoretical tutorial on legal issues related to computer security practices at the Black Hat security confab. Granick, executive director of the Stanford Law School Center for Internet and Society, even invited her parents and sister along to come and see her speak .
But Black Hat turned out to be much busier for Granick. On Wednesday morning, hours before she arrived, a securtiy researcher named Michael Lynn decided to quit his job at Internet Security Systems and--defying ISS and Cisco Systems--give a presentation on hacking Cisco's router software. Lynn demonstrated that he could gain control over the router, an attack that many in the industry had previously thought impossible.
On her blog, Granick recounts what happened in Vegas. She tells how she came to be Lynn's lawyer after Cisco and ISS decided to sue him and the Black Hat organizers.
She also shares details on how the case was settled within 24 hours.
"We had plans to drink expensive champagne. But then, mere hours after we filed the settlement papers, FBI agents showed up on the conference floor and started asking questions," Granick writes in her blog, which reads somewhat like a legal suspense novel.
There are still some loose ends that need tying up in the case, but Granick--hailed as a hero at Black Hat and the subsequent Defcon hacker event--believes the ending will be good for her client.
"I'm optimistic about the outcome and looking forward to the day when Mike and I get to have that glass of champagne. Mike quit his job to give a presentation his employer didn't want him to give. But he did so out of a sense of responsibility to Internet security."